Extract ML Model (b5d1fd4f-861f-43e0-b1ca-ee8a3b47f7e1)
Adversaries may extract a functional copy of a private model. By repeatedly querying the victim's model through ML Model Inference API Access, the adversary can collect the target model's inferences into a dataset. These inferences are then used as labels to train a separate model offline that mimics the behavior and performance of the target model.
Adversaries may extract the model to avoid paying per query in a machine-learning-as-a-service setting. Model extraction is used for ML Intellectual Property Theft.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Exfiltration via ML Inference API (3b829988-8bdb-4c4e-a4dd-500a3d3fd3e4) | MITRE ATLAS Attack Pattern | Extract ML Model (b5d1fd4f-861f-43e0-b1ca-ee8a3b47f7e1) | MITRE ATLAS Attack Pattern | 1 |